Tag: crypto
-
Popular game script spoofed to infect thousands of game developers
by
in SecurityNewsA malware loader, now named GodLoader, has been observed to be using Godot, a free and open-source game engine, as its runtime to execute malicious codes and has dropped known malware on at least 17,000 machines.Unaware users of the engine, which helps create 2D and 3D games and deploy them across various platforms including Windows,…
-
XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner
by
in SecurityNewsCybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later adding malicious code to steal sensitive data and mine cryptocurrency on infected systems.The package, named @0xengine/xmlrpc, was originally published on October 2, 2023 as…
-
Crypto companies are losing ground to deepfake attacks
by
in SecurityNewsThe crypto sector stands out as the only surveyed industry where deepfake fraud surpasses traditional document fraud in prevalence, according to Regula. Crypto companies … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/28/crypto-deepfake-fraud/
-
US Appeals Court Reverses Tornado Cash Sanctions
by
in SecurityNewsDepartment of Treasury Overstepped its Authority, Fifth Circuit Rules. A U.S. federal appeals court ruled U.S. Department of Treasury exceeded its authority by sanctioning Tornado Cash, a cryptocurrency mixing service used by North Korean hackers to launder more than $455 million. Smart contracts are not capable of being owned, the court ruled. First seen on…
-
Appeals court overturns Treasury sanctions against crypto mixer Tornado Cash
by
in SecurityNews
Tags: cryptoFirst seen on therecord.media Jump to article: therecord.media/tornado-cash-crypto-mixer-judge-overturns-sanctions
-
Appeals court tosses sanctions on Tornado cash crypto mixer
by
in SecurityNewsThe mixer was sanctioned after a North Korea hacking group used the software to launder more than $455 million. First seen on cyberscoop.com Jump to article: cyberscoop.com/tornado-cash-sanctions-overturned-lazarus-group/
-
Telegram leveraged by updated PyPI package for crypto exfiltration
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/telegram-leveraged-by-updated-pypi-package-for-crypto-exfiltration
-
OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts
by
in SecurityNewsCyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/opensea-phishers-aim-drain-crypto-wallets-nft-enthusiasts
-
SEC reports drop in enforcement actions for 2024 FY
by
in SecurityNewsThe securities regulator also reported a record $8.2 billion in monetary remedies for its last fiscal year, driven by Terraform Labs crypto fraud settlement. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sec-enforcement-actions-decrease/733965/
-
LottieFiles supply chain attack exposes users to malicious crypto wallet drainer
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/10/31/lottiefiles_supply_chain_attack/
-
The source code of Banshee Stealer leaked online
by
in SecurityNewsBanshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. The code is now available on GitHub. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. BANSHEE Stealer supports basic evasion techniques, relies on the sysctl API…
-
North Korean and Chinese Threat Actors Target Crypto, Aerospace, and Government Agencies
by
in SecurityNews
Tags: china, crypto, cyber, government, intelligence, korea, microsoft, north-korea, tactics, threatAt CYBERWARCON 2024, Microsoft Threat Intelligence unveiled groundbreaking research on two major nation-state cyber actors: North Korea and China. These revelations provide a closer look at their tactics, techniques, and... First seen on securityonline.info Jump to article: securityonline.info/north-korean-and-chinese-threat-actors-target-crypto-aerospace-and-government-agencies/
-
FBI pierces ‘anonymity’ of cryptocurrency, secret domain registrars in Scattered Spider probe
by
in SecurityNewsThe US Justice Department on Wednesday announced the arrest of five suspected members of the notorious Scattered Spider phishing crew, but the most interesting part of the case was a US Federal Bureau of Investigation (FBI) document detailing how easily the feds were able to track the phishers’ movements and activities. In recent years, services that push…
-
Act fast to snuff out employee curiosity over ‘free’ AI apps
by
in SecurityNewsThe word “free” has always tempted employees who are looking for an app or template to make their work easier. These days, combine “free” with “AI” and the lure is almost irresistible.Since the release of ChatGPT in late 2022, free AI-themed apps have exploded. Unfortunately, some are created by threat actors. One of the latest…
-
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram.The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to…
-
npm Package Lottie-Player Compromised in Supply Chain Attack
by
in SecurityNewsnpm package @lottiefiles/lottie-player hacked with malicious code, draining crypto wallets via web3 pop-ups First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/npm-package-lottieplayer-supply/
-
Wallet Scam: A Case Study in Crypto Drainer Tactics
ey takeaways Introduction Crypto drainers are malicious tools that steal digital assets like NFTs, and tokens from cryptocurrency wallets. They often … First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/walletconnect-scam-a-case-study-in-crypto-drainer-tactics/
-
1,000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole
PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more First seen on theregister.com Jump to article: www.theregister.com/2024/11/22/palo_alto_firewalls_under_exploit/
-
Scam Crypto-API in Quellcode-Vorschlag schädigt Opfer um 2.500 US-Dollar
Heute noch eine unglaubliche Geschichte, die mir von einem Sicherheitsexperten zugespielt wurde. Jemand hat versucht, mittels ChatGPT Code für eine Anwendung erstellen zu lassen, die auch Kryptogelder transferieren können soll. Dabei wurde Schadcode eingebaut, der dafür sorgte, dass das Opfer … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/24/chatgpt-wenn-bei-der-code-entwicklung-schadcode-injiziert-wird/
-
Mit Meme-Coins: Kind bringt Krypto-Anleger mehrfach um ihr Geld
by
in SecurityNews
Tags: cryptoWährend eines Livestreams betrog der Junge seine Zuschauer um 30.000 USD. Er war sichtlich erfreut über den Gewinn, doch die Krypto-Anleger rächten sich. First seen on golem.de Jump to article: www.golem.de/news/mit-meme-coins-kind-bringt-krypto-anleger-mehrfach-um-ihr-geld-2411-191072.html
-
1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole
PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more First seen on theregister.com Jump to article: www.theregister.com/2024/11/22/palo_alto_firewalls_under_exploit/
-
Malware Bypasses Microsoft Defender and 2FA to Steal $24K in Crypto
by
in SecurityNewsMalware bypasses Microsoft Defender and 2FA, stealing $24K in cryptocurrency via a fake NFT game app. Learn how… First seen on hackread.com Jump to article: hackread.com/malware-bypasses-microsoft-defender-2fa-crypto/
-
DOJ Takes Down Global Cybercrime Hub PopeyeTools, Seizes Cryptocurrency
by
in SecurityNewsThe U.S. Department of Justice has announced the seizure of the PopeyeTools website, a notorious cybercrime website that facilitated the trafficking of stolen financial information and tools for committing fraud. Along with this major takedown, criminal charges have been filed against three administrators of the site: Abdul Ghaffar, 25, of Pakistan; Abdul Sami, 35, of…
-
Cryptohack Roundup: No Prison Time for FTX’s Gary Wang
by
in SecurityNewsAlso: Bitfinex Launderer Razzlekhan Gets 18-Month Sentence. This week, sentences in FTX, Bitfinex and Helix cases, a $25.5M Thala hack, the WazirX hack and South Korea probed UpBit. U.S. lawmakers want a crackdown on Tornado. U.S. Prosecutors may scale back crypto cases. BIT Mining fined $10M and the Chinese Communist Party expelled a key blockchain…
-
Feds Indict 5 Suspects Tied to Scattered Spider Cybercrime
by
in SecurityNewsFBI Ties Men to at Least 45 Attacks and Theft of Cryptocurrency Worth Millions. The U.S. government on Wednesday unsealed criminal charges against five suspected members of the loosely organized financially motivated cybercriminal group Scattered Spider. The suspects have been tied to 45 attacks, disrupting businesses and stealing cryptocurrency worth millions of dollars. First seen…
-
How to select the best on-ramp and off-ramp for you?
by
in SecurityNews
Tags: cryptoChoosing the best on-ramp and off-ramp solutions is a key part of navigating the cryptocurrency landscape to… First seen on hackread.com Jump to article: hackread.com/how-to-select-the-best-on-ramp-and-off-ramp/
-
Now BlueSky hit with crypto scams as it crosses 20 million users
by
in SecurityNewsAs users are flocking to BlueSky from social media platforms like X/Twitter, so are threat actors. BleepingComputer has spotted cryptocurrency scams popping up on BlueSky just as the decentralized microblogging service surpassed 20 million users this week. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/now-bluesky-hit-with-crypto-scams-as-it-crosses-20-million-users/